Re: [squid-users] Can't start Squid with workers via systemd on CentOS 7

I can test it locally but it will take me couple days to get there. Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of ?? Sent:

Re: [squid-users] pinger without peers

On 10/03/2017 6:36 a.m., Matus UHLAR - fantomas wrote: > Hello, > > does it have sense to run pinger without having cache peers configured? > > if I get the "Network DB Statistics:" output properly, it seems that 33% of > hosts is unreachable. > The code using it is called peer-selection, but

Re: [squid-users] microsoft edge and proxy auth not working

adding this back to the mailing list, for the benefit of those who search for it. i do not have simple and easy to use instructions for mac os x and linux participation in AD. it is not a simple task. on linux, you will need to look into SSSD (Simple Security Services Daemon) and understand

Re: [squid-users] microsoft edge and proxy auth not working

The thing is, when you got some machines in your network which are not joined to the domain (think apple, linux) you still need NTLM support on proxy :( And having full blown Samba just because of those few is too much of admin's hassle - so we had to write NTLM relay that would rebind to

Re: [squid-users] microsoft edge and proxy auth not working

Ah OK sorry I am curious why you have a reason to use NTLM over Kerberos? :-) -Original Message- From: Rafael Akchurin [mailto:rafael.akchu...@diladele.com] Sent: 09 March 2017 18:01 To: Mike Surcouf Cc: Amos Jeffries; squid-users@lists.squid-cache.org Subject: Re: [squid-users]

Re: [squid-users] squid workers question

On 03/09/2017 10:24 AM, Matus UHLAR - fantomas wrote: >> On 03/09/2017 09:54 AM, Matus UHLAR - fantomas wrote: >> Master is not a >> kid (it is a parent of all kids), the first N kids are workers, the >> next D kids are diskers, and the last kid is Coordinator. Please >> see the

Re: [squid-users] microsoft edge and proxy auth not working

Hello Mike, I specifically was debugging our NTLM implementation with Edge :) Kerberos works just fine, you are correct. Best regards, Rafael Akchurin > Op 9 mrt. 2017 om 18:57 heeft Mike Surcouf het volgende > geschreven: > > Hi Rafael > > Is there any reason you

Re: [squid-users] squid workers question

On 03/09/2017 10:18 AM, Matus UHLAR - fantomas wrote: > cache_dir rock /var/spool/squid3/rock 1024 max-size=32768 > #cache_dir aufs /var/spool/squid3 8192 16 256 min-size=32769 > > are those correct values? (bug 3411 says something about 256B > metadata) >>> Those 256 Byte

[squid-users] ext_wbinfo_group_acl is not working

Hi, everybody! I have my Squid 3.4.8 running in Debian Jessie. It has been working with Active Directory authentication for more than a year without any kind of problem. But since a couple of weeks ago, suddenly, it stopped authenticate users, asking for credentials (username and pass) and

Re: [squid-users] Setting Up Squid - my scenario

Here is the conf file. http_port 3128cache_peer parent 0 no-query default proxy-only login=NEGOTIATE  acl manager proto cache_objectacl localhost src 127.0.0.1/255.255.255.255acl all src 0.0.0.0/0.0.0.0http_access allow allnever_direct allow allicp_access deny all cache_effective_user

Re: [squid-users] squid workers question

On 03/09/2017 09:54 AM, Matus UHLAR - fantomas wrote: Master is not a kid (it is a parent of all kids), the first N kids are workers, the next D kids are diskers, and the last kid is Coordinator. Please see the following wiki section for more details.

Re: [squid-users] Setting Up Squid - my scenario

On 10/03/2017 6:00 a.m., S V Hareesh wrote: > Ok, I tried that but it didnt work. I can put a conf file here. As a > start I am currently in a scenario trying to replace a simple CNTLM > HTTP proxy with Squid. I want to configure one account which > authenticates with parent proxy send the

Re: [squid-users] squid workers question

On 10.03.17 05:30, Amos Jeffries wrote: seems that my memory problem is somehow related to 4g of "2K Buffers" whatever that means. This is cachrmgr output: (bytes)KB/chobj/ch(#)usedfreepart %Frag(#)(KB)high (KB)high (hrs)%Tot(#) (KB)

Re: [squid-users] Login=PASS --> Query

On 10/03/2017 3:23 a.m., Hareesh wrote: > Hi > > I have a query related to the option Login=PASS in cache-peer. The > documentation mentions the following. > > login=PASS Send login details received from client to this peer. > Authentication is not required by

Re: [squid-users] Setting Up Squid - my scenario

Ok, I tried that but it didnt work. I can put a conf file here. As a start I am currently in a scenario trying to replace a simple CNTLM HTTP proxy with Squid. I want to configure one account which authenticates with parent proxy send the downstream requests with out taking any creds. Sent from

Re: [squid-users] squid workers question

On 03/09/2017 09:54 AM, Matus UHLAR - fantomas wrote: Master is not a kid (it is a parent of all kids), the first N kids are workers, the next D kids are diskers, and the last kid is Coordinator. Please see the following wiki section for more details.

Re: [squid-users] microsoft edge and proxy auth not working

Hello Amos, Markus, all, Just as a side note - I also suffered from this error sometime before with Edge and our custom NTLM relay to domain controllers (run as auth helper by Squid). The strange thing it went away after installing some (unknown) Windows update. I do have the "auth_param

Re: [squid-users] Can't start Squid with workers via systemd on CentOS 7

On 03/09/2017 09:32 AM, 段垚 wrote: > There are still similar messages in `/var/log/squid/cache.log`: > > 2017/03/10 00:20:00 kid2| commBind Cannot bind socket FD 21 to [::]: (2) > No such file or directory This feels like an IPC problem (with an awful diagnostic). There are a few hints at

Re: [squid-users] squid workers question

On 09.03.17 09:07, Alex Rousskov wrote: Both rock and AUFS stores support large objects so there is no requirement to split storage based on object sizes. Each store has various pros and cons, but lack of large object support is not one of the distinguishing characteristics. I thought the

Re: [squid-users] Can't start Squid with workers via systemd on CentOS 7

On 03/09/2017 09:32 AM, 段垚 wrote: > commBind Cannot bind socket ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Setting Up Squid - my scenario

On 10/03/2017 5:19 a.m., S V Hareesh wrote: > On top of the conf file from default setup on Windows, I added the following > line in the conf. I added the dns servers and allowed localhost. > > cache_peer parent 80 0 default connection-auth=on proxy-only > > never_direct allow all > > When I

Re: [squid-users] squid workers question

On 03/09/2017 09:19 AM, Matus UHLAR - fantomas wrote: > On 09.03.17 09:07, Alex Rousskov wrote: >> Both rock and AUFS stores support large objects so there is no >> requirement to split storage based on object sizes. Each store has >> various pros and cons, but lack of large object support is not

Re: [squid-users] squid workers question

On 10/03/2017 5:19 a.m., Matus UHLAR - fantomas wrote: >> On 03/09/2017 07:21 AM, Matus UHLAR - fantomas wrote: >>> I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie >>> version) >>> >>> (I know it's old, but I prefer using distribution-provided SW unless >>> it has >>> real

Re: [squid-users] Can't start Squid with workers via systemd on CentOS 7

在 2017/3/9 23:22, Amos Jeffries 写道: On 10/03/2017 3:57 a.m., Alex Rousskov wrote: On 03/09/2017 07:00 AM, 段垚 wrote: I installed Squid 4.0.18 on CentOS 7 X86_84 according to http://wiki.squid-cache.org/KnowledgeBase/CentOS#Squid_Beta_release I add a line "workers 2" to

Re: [squid-users] squid workers question

On 10/03/2017 5:14 a.m., Matus UHLAR - fantomas wrote: >> On 10/03/2017 3:21 a.m., Matus UHLAR - fantomas wrote: >>> I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie >>> version) > >>> - does this version have known memory leaks? >>>

Re: [squid-users] Setting Up Squid - my scenario

On top of the conf file from default setup on Windows, I added the following line in the conf. I added the dns servers and allowed localhost. cache_peer parent 80 0 default connection-auth=on proxy-only never_direct allow all When I point my browser to this proxy, it gives me 407, auth

Re: [squid-users] squid workers question

On 03/09/2017 07:21 AM, Matus UHLAR - fantomas wrote: I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie version) (I know it's old, but I prefer using distribution-provided SW unless it has real problem distribution isn't able to fix) On 09.03.17 09:07, Alex Rousskov wrote:

Re: [squid-users] squid workers question

On 10/03/2017 3:21 a.m., Matus UHLAR - fantomas wrote: I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie version) - does this version have known memory leaks? http://www.squid-cache.org/Versions/v3/3.5/ChangeLog.txt shows some leaks fixed but they all seem to be related to

Re: [squid-users] microsoft edge and proxy auth not working

On 8/03/2017 11:28 p.m., Rietzler, Markus (RZF, Aufg 324 / ) wrote: > i should add that we are using squid 3.5.24. > Try with "auth_param ntlm keep_alive off". Recently the browsers have been needing that. Though frankly I am surprised if Edge supports NTLM at all. It was deprecated in April

Re: [squid-users] squid workers question

On 03/09/2017 07:21 AM, Matus UHLAR - fantomas wrote: > I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie > version) > > (I know it's old, but I prefer using distribution-provided SW unless it has > real problem distribution isn't able to fix) My answers are based on v5 code.

Re: [squid-users] squid workers question

On 10/03/2017 3:21 a.m., Matus UHLAR - fantomas wrote: > Hello, > > I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie > version) > > (I know it's old, but I prefer using distribution-provided SW unless it has > real problem distribution isn't able to fix) > > - does this

Re: [squid-users] Can't start Squid with workers via systemd on CentOS 7

On 10/03/2017 3:57 a.m., Alex Rousskov wrote: > On 03/09/2017 07:00 AM, 段垚 wrote: >> I installed Squid 4.0.18 on CentOS 7 X86_84 according to >> http://wiki.squid-cache.org/KnowledgeBase/CentOS#Squid_Beta_release >> >> I add a line "workers 2" to `/etc/squid/squid.conf` (just a copy of >>

Re: [squid-users] cachemgr CGI version compatibility

On 10/03/2017 3:32 a.m., Matus UHLAR - fantomas wrote: > Hello, > > will older cachemgr.cgi work well with newer squid? > Yes they should. Likewise the newer cachemgr.cgi should work as well with older Squid. The tool and Squid are explicitly being kept both forward and backward compatible.

Re: [squid-users] kerb auth groups KV note acl config

@Markus I would really like to give this a go. Good to get some people using this stuff -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Mike Surcouf Sent: 07 March 2017 15:21 To: 'squid-users@lists.squid-cache.org' Subject:

Re: [squid-users] Can't start Squid with workers via systemd on CentOS 7

On 03/09/2017 07:00 AM, 段垚 wrote: > I installed Squid 4.0.18 on CentOS 7 X86_84 according to > http://wiki.squid-cache.org/KnowledgeBase/CentOS#Squid_Beta_release > > I add a line "workers 2" to `/etc/squid/squid.conf` (just a copy of > `squid.conf.default`) > and start squid via `systemctl start

Re: [squid-users] squid-4.0.18 error when running

On 8/03/2017 3:05 a.m., sothy shan wrote: > Hello, > > I am trying to run <>, I got the followng error. > > Why is this error ? Thanks for your help. > > > Best regards > Sothy > > 2017/03/07 15:02:48.221| 1,2| main.cc(1568) SquidMain: running > RegisteredRunner::finalizeConfig > 2017/03/07

Re: [squid-users] ext_wbinfo_group_acl is not working

On 8/03/2017 2:35 a.m., Verónica Ovando wrote: > Hi, everybody! > > > I have my Squid 3.4.8 running in Debian Jessie. It has been working with > Active Directory authentication for more than a year without any kind of > problem. But since a couple of weeks ago, suddenly, it stopped

[squid-users] cachemgr CGI version compatibility

Hello, will older cachemgr.cgi work well with newer squid? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. There's a long-standing bug

[squid-users] Login=PASS --> Query

Hi I have a query related to the option Login=PASS in cache-peer. The documentation mentions the following. login=PASS Send login details received from client to this peer. Authentication is not required by this option.

[squid-users] squid workers question

Hello, I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie version) (I know it's old, but I prefer using distribution-provided SW unless it has real problem distribution isn't able to fix) - does this version have known memory leaks?

Re: [squid-users] anonymous squid setup on digital ocean centos 6 but my IP still detected

On 7/03/2017 12:31 a.m., Alex Muir wrote: > Greetings, > > I have implemented the following tutorial > > from > digital ocean which sets up squid with settings to not have my IP address > forwarded. > > I'm

[squid-users] Can't start Squid with workers via systemd on CentOS 7

I installed Squid 4.0.18 on CentOS 7 X86_84 according to http://wiki.squid-cache.org/KnowledgeBase/CentOS#Squid_Beta_release I add a line "workers 2" to `/etc/squid/squid.conf` (just a copy of `squid.conf.default`) and start squid via `systemctl start squid`, It seems squid is running, except

Re: [squid-users] Ssl bump tunneling connection by using Common Name

On 7/03/2017 5:41 a.m., Eliezer Croitoru wrote: > Hey, > > There was something about it but I believe it's only on squid version 4.0.X. FTR; Squid-4 brings the ability to tunnel Skype clients that were using something that looked a bit like TLS but wasn't (along with the many port 443 non-TLS

Re: [squid-users] squid 3.5.24 Host header forgery detected

On 7/03/2017 12:43 a.m., hellname hellname wrote: > Hello. I have the squid 3.5.24 from source: > configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' > '--includedir=/include' '--mandir=/share/man' '--infodir=/share/info' > '--sysconfdir=/etc' '--localstatedir=/var'

Re: [squid-users] Fwd: reverse proxy HTTPS

On Thu, Mar 9, 2017 at 1:41 PM, Amos Jeffries wrote: > On 6/03/2017 11:21 p.m., sothy shan wrote: > > Hi, > > > > I can give precise what I am doing on this part.See the previous mail > below > > for my exact requirement. > > > > //create the keys. > > > > $openssl req -new

Re: [squid-users] Fwd: reverse proxy HTTPS

On 6/03/2017 11:21 p.m., sothy shan wrote: > Hi, > > I can give precise what I am doing on this part.See the previous mail below > for my exact requirement. > > //create the keys. > > $openssl req -new -keyout key.pem -nodes -x509 -days 365 -out cert.pem > > Both keys(cert.pem and key.pem) are